文件名称:XSS漏洞检测工具
文件大小:199KB
文件格式:GZ
更新时间:2015-07-02 11:05:56
XSS 漏洞 检测 工具
XSS漏洞检测工具,Linux下安装使用,很简单 Examples of usage: ============================== * Simple injection from URL: $ python XSSer.py -u "http://host.com" ------------------- * Simple injection from File, with tor proxy and spoofing HTTP Referer headers: $ python XSSer.py -i "file.txt" --proxy "http://127.0.0.1:8118" --referer "666.666.666.666" ------------------- * Multiple injections from URL, with automatic payloading, using tor proxy, injecting on payloads character encoding in "Hexadecimal", with verbose output and saving results to file (XSSlist.dat): $ python XSSer.py -u "http://host.com" --proxy "http://127.0.0.1:8118" --auto --Hex --verbose -w ------------------- * Multiple injections from URL, with automatic payloading, using caracter encoding mutations (first, change payload to hexadecimal; second, change to StringFromCharCode the first encoding; third, reencode to Hexadecimal the second encoding), with HTTP User-Agent spoofed, changing timeout to "20" and using multithreads (5 threads): $ python XSSer.py -u "http://host.com" --auto --Cem "Hex,Str,Hex" --user-agent "XSSer!!" --timeout "20" --threads "5"
【文件预览】:
xsser-public
----gtk()
--------xsser.ui(294KB)
--------images()
--------docs()
--------xsser.desktop(258B)
----XSSer()
--------options.py(16KB)
--------dork.py(13KB)
--------reporter.py(2KB)
--------main.py(101KB)
--------encdec.py(3KB)
--------gtkcontroller.py(81KB)
--------twsupport.py(7KB)
--------fuzzing()
--------globalmap.py(24KB)
--------post()
--------tokenhub.py(3KB)
--------threadpool.py(17KB)
--------flashxss.py(2KB)
--------__init__.py(29B)
--------publish.py(3KB)
--------mozchecker.py(5KB)
--------curlcontrol.py(18KB)
--------crawler.py(13KB)
--------randomip.py(1KB)
--------imagexss.py(2KB)
----xsser(1KB)
----doc()
--------THANKS(360B)
--------MANIFESTO(1KB)
--------AUTHOR(397B)
--------CHANGELOG(3KB)
--------README(14KB)
--------INSTALL(1KB)
--------COPYING(31KB)
----setup.py(1KB)
----Makefile(1KB)